12.2. Enabling IPv6 for a Subsystem
Certificate System automatically configures and manages connections between subsystems. Every subsystem must interact with a CA as members of a security domain and to perform their PKI operations.
For these connections, Certificate System subsystems can be recognized by their host's fully-qualified domain name or an IP address. By default, Certificate System resolves IPv4 addresses and host names automatically, but Certificate System can also use IPv6 for their connections. IPv6 is supported for all server connections: to other subsystems, to the administrative console (
pkiconsole), or through command-line scripts such as
op=var_set name=ca_host value=IPv6 address
- Install the Red Hat Certificate System packages.
- Set the IPv4 and IPv6 addresses in the
/etc/hostsfile. For example:
vim /etc/hosts 192.0.0.0 server.example.com IPv4 address 3ffe:1234:2222:2000:202:55ff:fe67:f527 server6.example.com IPv6 address
- Then, export the environment variable to use the IPv6 address for the server. For example:
pkispawnto create the new instance. The values for the server host name in the
CS.cfgfile will be set to the IPv6 address.